Tag Archives: Zero-day

New JavaScript Disclose Google Chrome Extensions

Security researcher have posted a JavaScript code which allows any person to check list of Google chrome extension installed on the browser, the code can be used on any website to check visitors list of plugins and as a result

Several Zero-Days on Latest WordPress CMS

WordPress CMS is now open to several vulnerabilities that allow an attacker to conduct SQL injection and run a malicious javascript on visitor’s machine over a cross site scripting bug. Actually the bug exist during the installation process so in

Apache reverse proxy bug allows compromising internal system

Apache team is working on fixing a new vulnerability that allows an attacker from internet to have an internal access to the system. This zero day is reported by Prutha Parikh from Qualys. On a blog post published there are

Remote DoS Vulnerabilty in Apache

Apache Killer a new exploit that uses a serious Apache vulnerability discovered over 54 months ago, the bug allows hacker to conduct a denial of service attack and turn any web server down. Under certain conditions Apache internally is inefficient

Hackers Exploit Latest Microsoft MHTML Bug

Microsoft is investigating new public reports of vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact

SANS: Rising numbers of zero-day vulnerabilities

TippingPoint and Qualys two security companies have been involved in a study named “The Top Cyber Security Risks” revealed that more than half of all cyber attacks are targeting applications and websites. This report is based on information collected from

Methods to Avoid Zero day attack

Updating software packages, configuring firewall properly and implementing an antivirus solution can help to guarantee good security for a home user. But when it comes for corporate information system that provides services for public network and have an outside access,